|
200301
|
7.5 |
HIGH
Network
|
changingtec
|
servisign
|
An arbitrary-file-access vulnerability exists in ServiSign security plugin, as long as the attackers learn the specific API function, they may access arbitrary files on target system via crafted API …
|
CWE-552
Files or Directories Accessible to External Parties
|
CVE-2020-3927
|
2024-11-21 14:31 |
2020-02-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200302
|
7.5 |
HIGH
Network
|
changingtec
|
servisign
|
An arbitrary-file-access vulnerability exists in ServiSign security plugin, as long as the attackers learn the specific API function, they may access arbitrary files on target system via crafted API …
|
CWE-552
Files or Directories Accessible to External Parties
|
CVE-2020-3926
|
2024-11-21 14:31 |
2020-02-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200303
|
8.8 |
HIGH
Network
|
changingtec
|
servisign
|
A Remote Code Execution(RCE) vulnerability exists in some designated applications in ServiSign security plugin, as long as the interface is captured, attackers are able to launch RCE and executes arb…
|
NVD-CWE-noinfo
|
CVE-2020-3925
|
2024-11-21 14:31 |
2020-02-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200304
|
6.1 |
MEDIUM
Network
|
magento
|
magento
|
Magento versions 2.3.3 and earlier, 2.2.10 and earlier, 1.14.4.3 and earlier, and 1.9.4.3 and earlier have a stored cross-site scripting vulnerability. Successful exploitation could lead to sensitive…
|
CWE-79
Cross-site Scripting
|
CVE-2020-3758
|
2024-11-21 14:31 |
2020-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200305
|
7.5 |
HIGH
Network
|
magento
|
magento
|
Magento versions 2.3.3 and earlier, 2.2.10 and earlier, 1.14.4.3 and earlier, and 1.9.4.3 and earlier have an sql injection vulnerability. Successful exploitation could lead to sensitive information …
|
CWE-89
SQL Injection
|
CVE-2020-3719
|
2024-11-21 14:31 |
2020-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200306
|
9.8 |
CRITICAL
Network
|
magento
|
magento
|
Magento versions 2.3.3 and earlier, 2.2.10 and earlier, 1.14.4.3 and earlier, and 1.9.4.3 and earlier have a security bypass vulnerability. Successful exploitation could lead to arbitrary code execut…
|
NVD-CWE-noinfo
|
CVE-2020-3718
|
2024-11-21 14:31 |
2020-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200307
|
5.3 |
MEDIUM
Network
|
magento
|
magento
|
Magento versions 2.3.3 and earlier, 2.2.10 and earlier, 1.14.4.3 and earlier, and 1.9.4.3 and earlier have a path traversal vulnerability. Successful exploitation could lead to sensitive information …
|
CWE-22
Path Traversal
|
CVE-2020-3717
|
2024-11-21 14:31 |
2020-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200308
|
9.8 |
CRITICAL
Network
|
magento
|
magento
|
Magento versions 2.3.3 and earlier, 2.2.10 and earlier, 1.14.4.3 and earlier, and 1.9.4.3 and earlier have a deserialization of untrusted data vulnerability. Successful exploitation could lead to arb…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2020-3716
|
2024-11-21 14:31 |
2020-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200309
|
6.1 |
MEDIUM
Network
|
magento
|
magento
|
Magento versions 2.3.3 and earlier, 2.2.10 and earlier, 1.14.4.3 and earlier, and 1.9.4.3 and earlier have a stored cross-site scripting vulnerability. Successful exploitation could lead to sensitive…
|
CWE-79
Cross-site Scripting
|
CVE-2020-3715
|
2024-11-21 14:31 |
2020-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200310
|
7.8 |
HIGH
Local
|
adobe
|
illustrator_cc
|
Adobe Illustrator CC versions 24.0 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution.
|
CWE-787
Out-of-bounds Write
|
CVE-2020-3714
|
2024-11-21 14:31 |
2020-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
